Prevent virtual interfaces from adding to the random pool.

Also move the sampling into ether_input() where it can happen
at the interrupt and not within splnet() processing, which might
be less random. Discussed with mickey.
OK markus@, mcbride@

1 files changed, 8 insertions, 1 deletions

diff --git a/sys/net/if_ethersubr.c b/sys/net/if_ethersubr.c
index c39d5f3a5e7..2e345c7a92d 100644
--- a/sys/net/if_ethersubr.c
+++ b/sys/net/if_ethersubr.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: if_ethersubr.c,v 1.118 2008/04/23 10:55:14 norby Exp $	*/
+/*	$OpenBSD: if_ethersubr.c,v 1.119 2008/05/07 05:51:12 mpf Exp $	*/
 /*	$NetBSD: if_ethersubr.c,v 1.19 1996/05/07 02:40:30 thorpej Exp $	*/
 
 /*
@@ -104,6 +104,8 @@ didn't get a copy, you may request one from <license@ipv6.nrl.navy.mil>.
 #include <netinet/if_ether.h>
 #include <netinet/ip_ipsp.h>
 
+#include <dev/rndvar.h>
+
 #if NBPFILTER > 0
 #include <net/bpf.h>
 #endif
@@ -563,6 +565,11 @@ ether_input(ifp0, eh, m)
 
 	etype = ntohs(eh->ether_type);
 
+	if (!(netisr & (1 << NETISR_RND_DONE))) {
+		add_net_randomness(etype);
+		atomic_setbits_int(&netisr, (1 << NETISR_RND_DONE));
+	}
+
 #if NVLAN > 0
 	if (etype == ETHERTYPE_VLAN && (vlan_input(eh, m) == 0))
 		return;